LockBit Ransomware Gang Leaks 43GB of Files After Boeing Failed to Pay Ransom

Boeing reportedly just ignored the warnings from LockBit ransomware group.

The notorious LockBit ransomware gang has exposed stolen data from Boeing, a global aerospace giant catering to commercial airplanes and defense systems.

The cyberattack highlights that a "tremendous amount of data" was leaked in the recent incident.

Ignored: Boeing's Stolen Files at Risk

LockBit Ransomware Gang Leaks 43GB of Files After Boeing Did Not Pay Ransom
LockBit hackers initially threatened Boeing that they would leak 4GB of files if the latter did not comply with its request. However, the aerospace firm refused to pay a ransom. Jornada Produtora from Unsplash

LockBit hackers issued warnings to Boeing, emphasizing the imminent public exposure of sensitive data.

Based on Bleeping Computer's report, a staggering 43 GB of files, primarily system backups, were disclosed after Boeing declined to meet the ransom demands. The cybercriminals had initially threatened to unveil a 4GB sample if negotiations weren't initiated.

Timeline of Tensions: Countdown to Data Release

Boeing faced a Nov. 2 deadline to engage in negotiations after the hackers posted the company on their site on Oct. 27.

Despite a temporary disappearance from LockBit's victim list, Boeing reappeared on Nov. 7, with the hackers underscoring the company's disregard for their warnings. Frustrated with Boeing's silence, the ransomware gang released a portion of the stolen data on Nov. 10.

Content of the Data Dump

LockBit's data release includes configuration backups for IT management software, logs for monitoring and auditing tools, and backups from Citrix appliances.

Speculation arose about the exploitation of the Citrix Bleed vulnerability (CVE-2023-4966), with proof-of-concept exploit code surfacing on October 24.

While Boeing confirmed the cyberattack, details surrounding the breach remain undisclosed. The aerospace giant refrained from providing insights into the incident or the breach's specifics.

LockBit's Prolific Reign: A Global Menace

LockBit, a resilient ransomware-as-a-service operation active for over four years, boasts an extensive list of victims across sectors.

Notable targets include the Continental automotive giant, the UK Royal Mail, the Italian Internal Revenue Service, and the City of Oakland. The U.S. government, in a June statement, disclosed that LockBit extorted approximately $91 million since 2020 through nearly 1,700 attacks on various U.S. organizations.

Highlighting its international reach, LockBit's influence extended to Spain in August, with a phishing campaign targeting architecture firms.

The campaign aimed to encrypt systems using LockBit's locker malware, thus it shows the global scope and adaptability of the ransomware operation.

The impact of LockBit was so vast that 40% of the total ransomware cases in August 2022 were attributed to hacked LockBit 3.0 accounts.

At that time, security experts believed that cyberattacks would persist to impact several industries in the world. The ransomware cases were initially projected to inflict damage exceeding $30 billion in 2023.

If the hackers were caught red-handed this time, they might just rebrand and resume the operations in another place and with another set of devices to use.

It appears that security awareness among companies might be weakening as seen in previous cyberattacks. The best way to address these cases is to have a strong mitigation plan to minimize the risk during the process.

Joseph Henry
Tech Times
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics